#include <stdio.h>

void attack()
{
	while(1) {
		printf("attack program.\n");
	}

	getchar();
}

void main()
{
	int arr[5] = {0};

    arr[6] = (int)attack;
}

#if 0
/*
 * intel
 */
0000000000001169 <attack>:
    1169:	f3 0f 1e fa          	endbr64 
    116d:	55                   	push   %rbp
    116e:	48 89 e5             	mov    %rsp,%rbp
    1171:	48 8d 3d 8c 0e 00 00 	lea    0xe8c(%rip),%rdi        # 2004 <_IO_stdin_used+0x4>
    1178:	e8 e3 fe ff ff       	callq  1060 <puts@plt>
    117d:	eb f2                	jmp    1171 <attack+0x8>

000000000000117f <main>:
    117f:	f3 0f 1e fa          	endbr64 
    1183:	55                   	push   %rbp
    1184:	48 89 e5             	mov    %rsp,%rbp
    1187:	48 83 ec 20          	sub    $0x20,%rsp
    118b:	64 48 8b 04 25 28 00 	mov    %fs:0x28,%rax        // rax=0x5b5fc5674ddb7100
    1192:	00 00 
    1194:	48 89 45 f8          	mov    %rax,-0x8(%rbp)      // (rbp-0x8)=0x5b5fc5674ddb7100
    1198:	31 c0                	xor    %eax,%eax            // rax=eax=0
    119a:	48 c7 45 e0 00 00 00 	movq   $0x0,-0x20(%rbp)     // a[3]=a[4]=0
    11a1:	00 
    11a2:	48 c7 45 e8 00 00 00 	movq   $0x0,-0x18(%rbp)     // a[1]=a[2]=0
    11a9:	00 
    11aa:	c7 45 f0 00 00 00 00 	movl   $0x0,-0x10(%rbp)     // a[0] = 0
    11b1:	48 8d 05 b1 ff ff ff 	lea    -0x4f(%rip),%rax        # 1169 <attack>  // rax=attack, 11b8 - 0x4f = 1169
    11b8:	89 45 f8             	mov    %eax,-0x8(%rbp)      // (rbp-0x8)=0xe5894855fa1e0ff3 --> 1169:e5 89 48 55 fa 1e 0f f3
    11bb:	90                   	nop
    11bc:	48 8b 45 f8          	mov    -0x8(%rbp),%rax      // rax=0xfed579b155555169
    11c0:	64 48 33 04 25 28 00 	xor    %fs:0x28,%rax        // !=0, zf=0
    11c7:	00 00 
    11c9:	74 05                	je     11d0 <main+0x51>     // zf=1时才跳转，因此时zf=0,不跳转
    11cb:	e8 a0 fe ff ff       	callq  1070 <__stack_chk_fail@plt>  // 执行
    11d0:	c9                   	leaveq 
    11d1:	c3                   	retq   
    11d2:	66 2e 0f 1f 84 00 00 	nopw   %cs:0x0(%rax,%rax,1)
    11d9:	00 00 00 
    11dc:	0f 1f 40 00          	nopl   0x0(%rax)

/*
 * arm
 */
000000000040055c <attack>:
  40055c:	a9bf7bfd 	stp	x29, x30, [sp, #-16]!
  400560:	910003fd 	mov	x29, sp
  400564:	90000000 	adrp	x0, 400000 <_init-0x3e8>
  400568:	91192000 	add	x0, x0, #0x648
  40056c:	97ffffb9 	bl	400450 <puts@plt>
  400570:	17fffffd 	b	400564 <attack+0x8>

0000000000400574 <main>:
  400574:	d10083ff 	sub	sp, sp, #0x20
  400578:	a900ffff 	stp	xzr, xzr, [sp, #8]  // a[0-3]=0
  40057c:	b9001bff 	str	wzr, [sp, #24]      // a[4]=0
  400580:	90000000 	adrp	x0, 400000 <_init-0x3e8>
  400584:	91157000 	add	x0, x0, #0x55c
  400588:	b90023e0 	str	w0, [sp, #32]       // a[5]=0x40055c
  40058c:	d503201f 	nop
  400590:	910083ff 	add	sp, sp, #0x20
  400594:	d65f03c0 	ret


#endif
